From code to
infrastructure —
I build and run
reliable systems.

Whether you need a marketing site, a customer portal, or a full SaaS product, I build from the ground up with clean architecture, proper testing, and code you won't be embarrassed to hand to the next engineer.

• Custom websites with CMS integration and fast load times
• Full-stack applications: React/Vue frontend + Python or Node backend
• SaaS platforms with multi-tenancy, billing, and user management
• REST and GraphQL APIs — documented, versioned, and tested
• E-commerce builds on custom or Shopify/Stripe foundations
• Performance audits and optimization — Core Web Vitals to database queries
• Legacy modernization and technical debt reduction

AI is most valuable when it's invisible — quietly handling repetitive work, surfacing the right information, or routing decisions correctly. I focus on practical integration that fits your existing workflow, not impressive demos that break in production.

• LLM integration (OpenAI, Anthropic, Mistral) into existing products
• Intelligent chatbots with retrieval-augmented generation (RAG)
• Business process automation with n8n, Make, or custom scripts
• ETL pipelines and data preprocessing for ML workloads
• ML prototype development and evaluation
• AI strategy consulting — where AI actually helps vs. where it doesn't
• Workflow automation connecting your SaaS tools

Shipping code shouldn't be a manual process. I set up the infrastructure, pipelines, and observability so your team can deploy with confidence and sleep soundly when things go wrong.

• Cloud provisioning on AWS, GCP, or bare-metal (Hetzner, OVH)
• Docker and Docker Compose environments for dev/staging/prod parity
• Kubernetes clusters with proper namespacing and resource limits
• CI/CD pipelines in GitHub Actions, GitLab CI, or Drone
• Monitoring with Prometheus + Grafana + alerting via PagerDuty or Slack
• Automated backup systems with tested recovery procedures
• Scaling strategies: horizontal, vertical, and cost-optimized

From small office VLAN setups to multi-site enterprise networks, I design and implement networks that are secure by default, documented thoroughly, and easy for your team to manage.

• Network architecture design for offices, data centers, and hybrid environments
• VLAN design and 802.1Q trunk configuration
• Firewall setup: pfSense, OPNsense, iptables, Fortinet
• Site-to-site and remote access VPN: WireGuard, OpenVPN, IPSec
• Routing protocols: BGP, OSPF, static routing, policy routing
• Load balancing with HAProxy, Nginx, or hardware solutions
• Network performance diagnostics and troubleshooting
• Secure architecture review and zero-trust implementation

Linux is the backbone of most modern infrastructure. I configure, harden, and optimize Linux systems for production workloads — from single servers to clustered environments that need to stay up.

• Fresh server setup with security baseline from day one
• CIS benchmark hardening for Debian, Ubuntu, and RHEL
• Nginx, Apache, and Caddy configuration and optimization
• Reverse proxy and SSL/TLS certificate management
• System performance tuning: kernel parameters, I/O schedulers, memory
• Bash and Python automation scripts for operations
• Log aggregation, rotation, and analysis
• High availability setups: Keepalived, Pacemaker, Corosync

Security isn't a product you buy — it's a practice you build. I help teams establish sensible, maintainable security practices that reduce real risk without grinding operations to a halt.

• System and application hardening against common attack vectors
• Access control review: least privilege, role-based, key management
• Secrets management: Vault, environment isolation, credential rotation
• Security audit support: evidence gathering, remediation guidance
• Threat model reviews for web applications and APIs
• Incident response support: containment, forensics, recovery
• Best practice reviews aligned with OWASP, CIS benchmarks, SOC 2